Product Details
GadgetCA: A Tool for Generating ReDoS Attacks
Created: 2022
Czech title
GadgetCA - Nástroj pro generování ReDoS útoků
Type
software
License
required - free
Authors
Holík Lukáš, doc. Mgr., Ph.D. (DITS FIT BUT)
Holíková Lenka, Ing. (DITS FIT BUT)
Homoliak Ivan, doc. Ing., Ph.D. (DITS FIT BUT)
Lengál Ondřej, Ing., Ph.D. (DITS FIT BUT)
Veanes Margus (MSR)
Vojnar Tomáš, prof. Ing., Ph.D. (DITS FIT BUT)
Holíková Lenka, Ing. (DITS FIT BUT)
Homoliak Ivan, doc. Ing., Ph.D. (DITS FIT BUT)
Lengál Ondřej, Ing., Ph.D. (DITS FIT BUT)
Veanes Margus (MSR)
Vojnar Tomáš, prof. Ing., Ph.D. (DITS FIT BUT)
Keywords
regular expressions, pattern matching, security, counting-set automata, ReDoS, generator
Description
The tool allows to generate ReDoS attacks for automata-based matchers. It is the first generator capable of attacking the automata-based matchers using bounded repetition. It is based on counting-set automata (CsA) which are small and can be constructed faster than deterministic counting automata (DFA).
Location
The tool is available at http://www.fit.vutbr.cz/research/groups/verifit/tools/gadgetca
Licence
Free software under the terms of GNU GPL (cf. http://www.gnu.org/licenses/gpl.html).
Projects
Research groups
Automated Analysis and Verification Research Group - VeriFIT (VZ VERIFIT)
IT Security Research Group (VZ Security@FIT)
IT Security Research Group (VZ Security@FIT)
Departments
Department of Intelligent Systems FIT BUT (DITS FIT BUT)